Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193911 7.5 危険 extrovert software - Thyme Calendar の event_view.php における SQL インジェクションの脆弱性 - CVE-2007-2621 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193912 5.1 警告 drake team - Drake CMS の index.php における CRLF インジェクションの脆弱性 - CVE-2007-2618 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193913 7.5 危険 crie sue - Crie seu PHPLojaFacil における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2615 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193914 6.8 警告 cgx - CGX における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2611 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193915 7.5 危険 gnuedu - gnuedu における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2609 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193916 7.8 危険 Firebird Project - Firebird におけるバッファオーバーフローの脆弱性 - CVE-2007-2606 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193917 7.1 危険 brujula toolbar - Brujula Toolbar の BRUJULA4.NET.DLL におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2605 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193918 7.8 危険 brew city software - FlexLabel ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2604 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193919 7.8 危険 audio cd tools - Audio CD Ripper OCX ActiveX コントロールの Init 関数におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2603 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
193920 9.3 危険 divx city - fix.dll の GDivX Zenith Player AviFixer クラスの ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2007-2601 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 4:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
264861 - otrs otrs The ACL-customer-status Ticket Type setting in Open Ticket Request System (OTRS) before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-4763 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264862 - otrs otrs Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys, which makes it ea… CWE-255
Credentials Management 		CVE-2010-4764 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264863 - otrs otrs Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic… CWE-362
Race Condition 		CVE-2010-4765 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264864 - otrs otrs The AgentTicketForward feature in Open Ticket Request System (OTRS) before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially … CWE-20
 Improper Input Validation  		CVE-2010-4766 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264865 - otrs otrs Open Ticket Request System (OTRS) before 2.3.6 does not properly handle e-mail messages in which the From line contains UTF-8 characters associated with diacritical marks and an invalid charset, whic… CWE-20
 Improper Input Validation  		CVE-2010-4767 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264866 - otrs otrs Open Ticket Request System (OTRS) before 2.3.5 does not properly disable hidden permissions, which allows remote authenticated users to bypass intended queue access restrictions in opportunistic circ… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-4768 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264867 - otrs otrs Open Ticket Request System (OTRS) before 2.4.4 grants ticket access on the basis of single-digit substrings of the CustomerID value, which allows remote authenticated users to bypass intended access … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-5055 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264868 - otrs otrs Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly enforce the move_into permission setting for a queue, which allows remote authenticated users to bypass intended access restrict… CWE-20
 Improper Input Validation  		CVE-2009-5056 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264869 - otrs otrs The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to dec… CWE-310
Cryptographic Issues 		CVE-2009-5057 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm
264870 - otrs otrs Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) before 2.3.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) AgentTic… CWE-79
Cross-site Scripting 		CVE-2008-7275 2011-03-22 13:00 2011-03-19 Show GitHub Exploit DB Packet Storm